Fourteen US and Canadian cancer institutes will use International Business Machines Corp.’s Watson computer system to choose therapies based on a tumor’s genetic fingerprints, the company said on Tuesday, the latest step toward bringing personalized cancer treatments to more patients.

Oncology is the first specialty where matching therapy to DNA has improved outcomes for some patients, inspiring the “precision medicine initiative” President Barack Obama announced in January.

But it can take weeks to identify drugs targeting cancer-causing mutations. Watson can do it in minutes and has in its database the findings of scientific papers and clinical trials on particular cancers and potential therapies.

Faced with such a data deluge, “the solution is going to be Watson or something like it,” said oncologist Norman Sharpless of the University of North Carolina Lineberger Cancer Center. “Humans alone can’t do it.”

IBM is positioning Watson for exactly this task: an area of medicine where humans can see the vast potential, but can’t begin to wrangle the data needed to achieve it. “Genomics is the secret to unlocking personalized medicine,” said Steve Gold, a Vice President of the IBM Watson Group, at a press conference on Tuesday.

Yet it is unclear how many patients will be helped by such a “big data” approach. For one thing, in many common cancers old-line chemotherapy and radiation will remain the standard of care, and genomic analysis may not make a difference.

The scientists directly involved with Watson aren’t making any promises, but they’re hopeful they can slowly begin to make a difference in the world of cancer treatment, which today leaves a great number of patients without many good options.

“Traditional cancer treatments are moderately effective, associated with moderate toxicity, and many patients still succumb to the disease,” said Lukas Wartman, assistant director of Cancer Genomics at Washington University and a leukemia survivor, at Tuesday’s press conference. “There’s been a lot of pessimism among those [fighting] cancer, and Watson offers an opportunity to fight back against that pessimism.”

Cloud-based Watson will be used at the centers – including Cleveland Clinic, Fred & Pamela Buffett Cancer Center in Omaha and Yale Cancer Center – by late 2015, said Steve Harvey, vice president of IBM Watson Health. The centers pay a subscription fee, which IBM did not disclose.

Oncologists will upload the DNA fingerprint of a patient’s tumor, which indicates which genes are mutated and possibly driving the malignancy. Watson, recognized broadly for beating two champions of the game show Jeopardy! in 2011, will sift through thousands of mutations and try to identify which is driving the tumor, and therefore what a drug must target.

Distinguishing driver mutations from others is a huge challenge. IBM spent more than a year developing a scoring system so Watson can do that, since targeting non-driver mutations would not help.

“Watson will look for actionable targets,” Harvey said, matching them to approved and experimental cancer drugs and even non-cancer drugs (if Watson decides the latter interfere with a biological pathway driving a malignancy).

But Watson has trouble identifying actionable targets in cancers with many mutations. Although genetic profiling is standard in melanoma and some lung cancers, where drugs such as Zelboraf from the Genentech unit of Roche Holding AG target the driver mutation, in most common tumors traditional chemotherapy and radiation remain the standard of care.

“When institutions do genetic sequencing, only about half the cases come back with something actionable,” Harvey said, often because it is impossible to identify the driver mutation or no targeted therapy exists.

The other collaborating centers are Ann & Robert H. Lurie Children’s Hospital of Chicago; BC Cancer Agency in British Columbia; City of Hope, in Duarte, California; Duke Cancer Institute in North Carolina; McDonnell Genome Institute at Washington University in St. Louis; New York Genome Center, Sanford Health in South Dakota; University of Kansas Cancer Center; University of Southern California Norris Comprehensive Cancer Center, and University of Washington Medical Center.

A new bipartisan committee’s working group will gather on Capitol Hill throughout the coming months to find ways to improve electronic health records, according to Senate health committee chairman Lamar Alexander (R-Tenn.) and ranking member Patty Murray (D-Wash.).

The group will work to find five or six ways to “make the failed promise of electronic health records something that physicians and providers look forward to instead of something they endure,” Murray said in an announcement.

All members of the Senate health committee are invited to be a part of the working group. Staff meetings begin this week, with participation from health IT professionals, industry experts and government agencies.

The working group’s goals include the following:

Help providers improve quality of care and patient safety.

Facilitate interoperability between EHR vendors.

Empower patients to engage in their own care through access to their health data.

Protect privacy and security of health information.

The working group isn’t the only way Alexander and Murray are pushing for change when it comes to EHRs.

Should drug makers be required to disclose their costs to justify rising prices?

This is what a growing number of state legislatures are considering. Over the past several weeks, lawmakers in a handful of states stretching from California to Massachusetts have introduced bills in a bid to force the pharmaceutical industry to conduct an economic striptease.

“We need to have some transparency,” says Tony DeLuca, a Democrat who chairs the Pennsylvania House Insurance Committee and who introduced one such bill earlier this week. “Some of the sticker prices are outrageous. I’m hoping it achieves lower health care costs.”

The bills are not wholly identical. Some would require drug makers to report profits and various operational costs for any medicine that has a price tag of more than $10,000 a year, while others seek this information for all medicines, regardless of price. A bill was also introduced in North Carolina.

The effort comes as a national debate intensifies over prices for prescription medicines. Over the past year, payers – both public and private – have remonstrated over the cost of new specialty drugs for hard-to-treat ailments and for older generic drugs that were supposed to offer low-cost alternatives.

A new poll by the Kaiser Family Foundation found that 76% of Americans overall – and across party lines – say their top health care priority is ensuring that high-cost drugs for chronic conditions, such as HIV, hepatitis, mental illness and cancer, are affordable.

The issue is placing drug makers on the defensive, even as they argue pricey new medicines – notably, those for combating hepatitis C and certain rare diseases – represent good value for illnesses that would, otherwise, cost more to treat in the long run.

These bills represent a new front, though, in trying to blunt escalating price tags. And the legislation is winning enthusiastic backing from business groups, consumers advocates and health insurers, which some legislators say have helped craft language.

“This is about starting a conversation,” says Charles Bacchi, chief executive at the California Association Plans, which worked with a California legislator on one bill. “We need real answers about why these drugs are priced so high. Yes, there are limits to what a state can do, but it’s a debate we need to have.”

To what extent these bills may succeed is uncertain, at best.

Drug makers, not surprisingly, are pushing back and recently helped defeat legislation in Oregon. Earlier this week, the pharmaceutical industry trade group testified against the bill in California, where a vote was postponed until next week in light of opposition, according to a legislative aide.

As far as drug makers are concerned, the bills are not only onerous, but make demands they maintain cannot be met. For instance, an industry trade group argues that providing development costs for some drugs may be impossible when research was simultaneously conducted on other medicines that failed. The bottom line, says the California Healthcare Institute, is that the bill would “stifle innovation.”

“The price charged for an individual drug is not a reflection of development costs,” says Ken Kaitin, director of the Tufts Center for the Study of Drug Development, which receives pharmaceutical industry backing. “Pricing strategies are based on therapeutic value, market size, usage, patent life, competition and other factors.”

Even if one or more bills were to become law, there is no certain path toward lowering prices. But the effort may resonate around the country, especially with the 2016 presidential campaign under way. “This may be a model that other governments may want to build upon,” says Jamie Love of Knowledge Ecology International, a non-profit group that tracks access to medicines issues.

“While it is too soon to know if this prescription transparency legislation will continue to expand this year,” says Richard Cauchi, the program director for health insurance, financing and pharmaceuticals at the National Conference of State Legislatures, “state legislators often do look at what their colleagues in other states are doing.”

Most hospitals don’t have good ways of measuring the complex costs associated with an individual patient’s stay in the hospital. The VA is one surprising exception.

The success of health reform in the US depends on finding ways to control the growth of costs. Hospital care is expensive. And when patients have to be readmitted unexpectedly after discharge, it can really crank up spending.

As we strive to keep health care costs in line, reducing hospital readmissions is drawing a lot of attention. Reducing preventable readmissions could reduce health care spending and improve quality of care at the same time.

But very little research on readmission costs has been done. An exception is a study that found that one in five elderly Medicare patients is readmitted to the hospital within 30 days of being discharged, at an estimated cost of $17.4 billion in 2004.

Most hospitals don’t have good ways of measuring the complex costs associated with an individual patient’s stay in the hospital.

But there is, however, a hospital system that does a very good of job of tracking these costs: the Veterans Health Administration.

Veterans Affairs could provide a blueprint

The Veterans Health Administration (the VA) operates 119 acute care hospitals across the US, and has created an unparalleled comprehensive patient-cost accounting system, its Decision Support System (DSS).

The DSS works from the bottom up by summing the individual resources and costs each individual patients winds up needing during their hospital stay. Unlike most other hospital accounting systems, the VADSS also can separate costs that are fixed regardless of the volume of services provided, such as administrative overhead, from costs that vary with service volume, such as lab tests or imaging. All of this means that the VA can track patients’ costs with greater precision than most hospitals, and can more easily see the cost of readmissions.

There are other reasons why VA is a good setting for studying readmission costs. VA hospitals have a simpler set of incentives around readmitting patients. Under Medicare, hospitals face a trade-off between receiving payments for readmitting Medicare patients and avoiding payment penalties for not readmitting patients under the new ACA regulations.

But in the VA system, budgets are set annually, so there is no financial incentive to readmit patients. It will not increase the amount of money VA hospitals get. And physicians who work in VA hospitals are salaried VA employees. They do not gain financially when they readmit patients, so they have no incentive to provide unnecessary care.

How much money does preventing readmission save?

In a recent study, Theodore Stefos and I used 2011 Decision Support System data to examine the component of cost that varies with a readmission, to provide hospital managers with a more realistic estimate of how much they could save by reducing readmissions.

We found that managers could expect to save $2,140 for the average 30-day readmission prevented. For heart attack, heart failure, and pneumonia patients, expected readmission cost estimates were higher: $3,432, $2,488 and $2,278 respectively.

We also found that patients’ risk of illness was the main driver of expected readmission cost. This is an important finding for managers. Even though this is a factor they cannot control, they can expect that patients with a greater risk of illness might be at greater risk after controlling for other factors such as age. Men also were much more likely to be readmitted than women, as were lower income and unmarried vets. Understanding this information can help hospital managers better predict which patients are at risk for readmission, and to take steps to address this proactively.

While the VA has some processes of care that differ from other health care systems, its experience has important lessons for private sector hospitals, especially for those that treat a high share of chronically ill or low-income patients.

Why it is important to know what readmissions cost

Today hospitals are under increasing pressure to curb readmissions. For instance in 2013 Centers for Medicare & Medicaid Services (CMS) started to financially penalize hospitals for 30-day readmissions that exceed national averages for heart attack, heart failure and pneumonia. As of October 2014, chronic obstructive pulmonary disorder and elective knee and hip replacements are also being targeted and the penalty has increased up to 3% of the total Medicare reimbursement to the hospital.

Hospital managers would like to know what actual cost savings are when a readmission is avoided, so they can understand how readmissions affect their overall budgets.

IBM is taking its Watson artificial-intelligence technology into health care in a big way with industry partners, a pair of acquisitions and an ambitious agenda.

The initial three industry partners are Apple, Johnson & Johnson and Medtronic. On Monday afternoon, after the close of stock trading, IBM also announced it would buy two start-ups: Explorys, a spin-off from the Cleveland Clinic whose data on 50 million patients is used to spot patterns in diseases, treatments and outcomes; and Phytel, a Dallas maker of software to manage patient care and reduce readmission rates to hospitals.

The IBM plan, put simply, is that its Watson technology will be a cloud-based service that taps vast stores of health data and delivers tailored insights to hospitals, physicians, insurers, researchers and potentially even individual patients.

“We’re going to enable personalized health care on a huge scale,” said John E. Kelly, a senior vice president who oversees IBM’s research labs and new initiatives.

To date, IBM has done some individual projects using Watson technology with leading medical centers, including Memorial Sloan Kettering Cancer Center in New York, the University of Texas MD Anderson Cancer Center in Houston and the Cleveland Clinic. But the creation of the Watson Health unit, Mr. Kelly said, is an effort to apply the technology to the mainstream of health care.

The Watson Health announcement is also the latest in flurry of initiatives IBM has announced this year that include new corporate partnerships as well as moves in cloud computing, data analytics and Watson. They are evidence that IBM is intent on investing for future growth, and showing it is doing so, in a year when its financial performance is likely to lag.

IBM has reported disappointing earnings recently, and Virginia M. Rometty, IBM’s chief executive, has told industry analysts and investors that 2015 would be a transition year in which new growth businesses like Watson did not yet overcome the profit erosion in some of its traditional hardware and software products.

IBM’s broad vision of combining and analyzing health data from varied sources to improve care has been around for decades. But the company and its partners say that technology, economics and policy changes are coming together to improve the odds of making the IBM venture a workable reality. They point to improvements in artificial intelligence, low-cost cloud computing and health policy that will reward keeping patients healthy instead of the fee-for-service model in which more treatments and procedures mean more revenue.

“Forces in health care are aligning as never before,” said Sandra E. Peterson, a group worldwide chairman at Johnson & Johnson in charge of information technology and new wellness programs. “It could be a unique moment and something like this could have real legs.”

A focus of the Johnson & Johnson partnership with IBM will be improving patient care before and after knee and hip replacements. The company will apply Watson technology to data sources ranging from patient records to digital fitness devices and smartphone applications, which can monitor movement and vital signs. “It will allow us to do much more integrated, personalized care,” Ms. Peterson said.

Medtronic, a large medical equipment maker, wants to use data intelligently to treat diabetes patients beyond providing them with its glucose monitors and insulin pumps. Medtronic devices are already digital and produce a lot of data, but the company plans to use the Watson software to spot patients trending toward trouble and automatically adjust insulin doses and send alerts to care providers and the patients themselves.

“The goal is dynamic, personalized care plans so you can delay or stop the progression of diabetes,” said Hooman Hakami, executive vice president in charge of Medtronic’s diabetes group.

Apple is increasingly a major supplier of health sensors, from iPhone apps to the Apple Watch. Its recently introduced HealthKit and ResearchKit software make it easier for applications and researchers to harvest health information from millions of owners of Apple products, with their permission. That data can now be plugged into Watson. “We want to be the analytics brains behind HealthKit and ResearchKit,” Mr. Kelly said.

The IBM initiative raises questions on how data is handled and about privacy. Mr. Kelly said the data scrutinized by Watson will typically be anonymized and often be read by Watson but not removed from hospital or health company data centers. “There will be no big, centralized database in the sky,” Mr. Kelly said.

Even critics of health information technology say the IBM effort holds promise. “If that future when all this stuff works is going to become real, then having some of the key players come together is the only way it’s going to happen,” said Dr. Robert M. Wachter, a professor at the University of California, San Francisco medical school and author of “The Digital Doctor: Hope, Hype and Harm at the Dawn of Medicine’s Computer Age.” “This could be a pretty important step along the way.”

Last year, the fallout from a string of breaches at major retailers like Target and Home Depot had consumers on edge. But 2015 is shaping up to be the year consumers should be taking a closer look at who is guarding their health information.

Data about more than 120 million people has been compromised in more than 1,100 separate breaches at organizations handling protected health data since 2009, according to Department of Health and Human Services data reviewed by The Washington Post.

“That’s a third of the U.S. population — this really should be a wake-up call,” said Deborah Peel, the executive director of Patient Privacy Rights.

The data may double-count some individuals if they had their information compromised in more than incident, but it still reflects a staggering number of times Americans have been affected by breaches at organizations trusted with sensitive health information. And the data does not yet reflect the hack of Premera, which announced this week that hackers may have accessed information, including medical data, on up to 11 million people.

Most breaches of data from health organizations are small and don’t involve hackers breaking into a company’s computer system. Some involve a stolen laptop or the inappropriate disposal of paper records, for example — and not all necessarily involve medical information. But hacking-related incidents disclosed this year have dramatically driven up the number of people exposed by breaches in this sector.

When Anthem, the nation’s second-largest health insurer, announced in February that hackers broke into a database containing the personal information of nearly 80 million records related to consumers, that one incident more than doubled the number of people affected by breaches in the health industry since the agency started publicly reporting on the issue in 2009.

“We are certainly seeing a rise in the number of individuals affected by hacking/IT incidents,” Rachel Seeger, a spokesperson for HHS’s Office for Civil Rights, said in a statement. “These incidents have the potential to affect very large numbers of health care consumers, as evidenced by the recent Anthem and Premera breaches.”

And some cybersecurity experts warn this may only be the beginning. “We’re probably going to see a lot more of these happening in the coming few months,” said Dave Kennedy, the chief executive of TrustedSEC.

Health organizations are targets because they maintain troves of data with significant resale value in black markets, Kennedy said, and their security practices are often less sophisticated than other industries. Now that some major players in the market have come forward as victims of cyberattacks other organizations are likely to take a close look at their own networks — potentially uncovering other compromises, he said.

“The information that companies like Anthem and Premera had is more valuable than just payment card information held by retailers or financial institutions,” said Scott Vernick, who heads up the data security and privacy practice at law firm Fox Rothschild. Credit card information has a relatively short shelf life, with new cards issued on a regular basis, he explained. But a health organizations often have complete profiles of people including Social Security numbers and medical health information that is much more difficult if not impossible to change.

Some of the data can be used to pursue traditional financial crimes — like setting up fraudulent lines of credit, Kennedy said. But it can also be used for medical insurance fraud, like purchasing medical equipment for resale or obtaining pricey medical care for another person.

This type of scheme is often not caught as quickly as financial fraud, experts said, and could have a lasting affect if it results in a person’s medical history containing false information. “In theory you could end up in an emergency situation, and if your records are contaminated by someone else’s information that could cause serious problems — like medical professionals believing you have a different blood type,” said Peel.

If a hacker is able to obtain information about a person’s medical condition, as it appears may have happened in the Premera breach but not the Anthem breach, there are additional risks. Information about mental health or HIV treatments could be made public, and there’s no way to truly make the information private again. “There’s almost no way to remedy this; there’s no recourse,” said Peel.

Health care providers already have to comply with government rules on protecting patient privacy, including HIPAA, which are enforced by HHS.

“Health care organizations need to make data security central to how they manage their information systems and to be vigilant in assessing and addressing the risks to data on a regular basis,” said Seeger, the HHS official. “In addition, organizations need to ensure they are able to identify and respond appropriately to security incidents when they do happen to mitigate harm to affected individuals and prevent future similar incidents from occurring.”

State-level officials are also increasingly involved in enforcement in this area, said Vernick, and consumers may have additional legal avenues depending on state laws.

But privacy and cybersecurity advocates say the industry and the government still aren’t doing enough to protect consumers.

“HIPAA required security be addressed, but it wasn’t spelled it out exactly how, so there was no culture of using ironclad security,” said Peel. “We have systems that are engineered as though this data is not sensitive and valuable.”

Health organizations sometimes rely on legacy systems, and some have not invested in cybersecurity at a rate that matches the urgency of the threats they face, Kennedy said. “The medical industry is years and years behind other industries when it comes to security.”

Even before the Anthem breach, major health insurers had become aware of the rising risk of cyberattacks. Aetna and United Health Group both cited the risks of hackers and breaches in their respective 2013 financialreports.

And the industry is already taking steps to coordinate how it responds to such incidents through groups designed to share information about digital threats — like the National Health Information Sharing and Analysis Center, or NHISAC. The organization is one of several efforts related to critical infrastructure that works with the Department of Homeland Security to share data about current threats, such as what sort of tactics are used and forensic information about attackers.

Members are able to share details about security incidents in “machine time” using an automated system, according to NHISAC executive director Deborah Kobza, and the group sends out daily threat updates. When a major cyberattack is disclosed, NHISAC erupts into a flurry of activity — trying to find out as much as possible so its members have information that can make it easier to see if they’ve been the victims of a similar attack.

And 2015 has already kept NHISAC busy: “We just caught our breath from the Anthem hack, and here we go again,” said Kobza about responding to the Premera breach.

The Centers for Medicare & Medicaid Services has paid out nearly $30 billion in meaningful use incentives for hospitals and physicians to adopt EHRs. But some members of Congress, the body that approved those funds, are about as frustrated with EHRs as doctors and nurses.

“The evidence suggests these goals haven’t been reached,” said Senator Lamar Alexander, R-Tennessee, in a long EHR hearing followed by Erin McCann, Healthcare IT News managing editor.

Robert Wergin, MD, president of the American Academy of Family Physicians, said that family physicians are having a difficult time with the Stage 2 meaningful use requirements. The “time, expense and effort it takes makes it not worth while,” said Wergin. Indeed, some 55 percent of physicians surveyed plan on skipping Stage 2 all together.

“The issue of interoperability between electronic health records represents one of the most complex challenges facing the healthcare community,” said Wergin. The government “must step up efforts to require interoperability.”

A central problem, as McCann wrote, is that “Vendors have no incentive to share data and create more interoperable systems. There’s the question of data ownership here. There’s the question of competition. And there’s the question of standards, or lack thereof.”

“The vendors are siloed,” as Wergin said. “And you’re held somewhat hostage by the vendor you have.”